package com.chis.keytool;

import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Enumeration;


/**
 *
 * 生成证书test.jks
 * keytool -genkey -alias test（别名）
 * -keypass 123456（私钥密码）
 * -keyalg RSA（算法）
 * -sigalg sha256withrsa（算法小类）
 * -keysize 1024（密钥长度）
 * -validity 365（有效期）
 * -keystore d:/test.jks（生成路径）
 * -storepass 123456（主密码）
 *
 * keytool -genkey -alias test -keypass 123456 -keyalg RSA -sigalg sha256withrsa -keysize 1024 -validity 365 -keystore d:/test.jks -storepass 123456
 *
 * 生成pfx证书
 * 运行pfx证书，导入到系统中
 * 从浏览器设置-证书管理-导出cer证书
 *
 * @Description
 * @Company zwx
 * @author wlj
 * @version 2019年12月19日
 */
public class JKS2PFX {

    public static final String PKCS12 = "PKCS12";
    public static final String JKS = "JKS";
    public static final String PFX_KEYSTORE_FILE = "C://workspace//szzs//test.pfx";
    public static final String KEYSTORE_PASSWORD = "123456";
    public static final String JKS_KEYSTORE_FILE = "C://workspace//szzs//test.jks";

    public static void coverToPfx() {
        try {
            KeyStore inputKeyStore = KeyStore.getInstance(JKS);
            FileInputStream fis = new FileInputStream(JKS_KEYSTORE_FILE);
            char[] nPassword = null;

            if ((KEYSTORE_PASSWORD == null)
                    || KEYSTORE_PASSWORD.trim().equals("")) {
                nPassword = null;
            } else {
                nPassword = KEYSTORE_PASSWORD.toCharArray();
            }

            inputKeyStore.load(fis, nPassword);
            fis.close();

            KeyStore outputKeyStore = KeyStore.getInstance(PKCS12);

            outputKeyStore.load(null, KEYSTORE_PASSWORD.toCharArray());

            Enumeration enums = inputKeyStore.aliases();

            while (enums.hasMoreElements()) { //   we   are   readin   just   one   certificate.

                String keyAlias = (String) enums.nextElement();

                System.out.println("alias=[" + keyAlias + "]");

                if (inputKeyStore.isKeyEntry(keyAlias)) {
                    Key key = inputKeyStore.getKey(keyAlias, nPassword);
                    Certificate[] certChain = inputKeyStore
                            .getCertificateChain(keyAlias);

                    outputKeyStore.setKeyEntry(keyAlias, key, KEYSTORE_PASSWORD
                            .toCharArray(), certChain);
                }
            }

            FileOutputStream out = new FileOutputStream(PFX_KEYSTORE_FILE);

            outputKeyStore.store(out, nPassword);
            out.close();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }


    public static void main(String[] args) {
        coverToPfx();
    }


}
